Member Avatar for Whilliam

Hi guys. I've stayed away from web development for 2 years so forgive me if I'm a bit outdated.

I'm planning to make a website. One of features is anti-spam registration.
So, as the title says, I want to capture the client's IP Address and store it in the database. That way, it'll increase the chance of a user having no more than 1 account.

I've been to many websites and I'm wondering, of all the websites I've been through, why is no one applying this?
Is there a downside to this idea? Breaching of security of personal information perhaps? Slower performance?
I can't think of any downsides to it but I want to ask the experts to make sure.

  • 4 Contributors
  • 3 Replies
  • 274 Views
  • 3 Hours Discussion Span
  • Latest Post Latest Post by matrixdevuk

Recommended Answers

All 3 Replies

Member Avatar for cereal

Hi,

at the moment this is not a good idea, two or more users could share the same IP address at the same time, if using a proxy or a connection from an office, a library... or in different days: most users use dynamic addresses, so user A today has IP 111.111.111.111, then restarts his router and he gets a new address, while the previous IP will be reassigned to a new user, user B, that will not be able to sign up your service.

Also, if creating a double opt-in sign up system, and sending an email with a confirmation link, you must save both IPs: in some cases a user could submit the form from a desktop and open the confirmation link from a smartphone, submitting two different IP addresses... if one of these is already assigned to another user, with your approach, he will not be able to complete the registration process. Some information here:

To prevent bot spammers implement a captcha:

Preventing multiple accounts, instead, is a lot more difficult.

Member Avatar for almostbob

ip addresses are assigned by the ISP and are not permanent.
ISP change them often to make it more difficult for home users to host
User logs in laptop: at home, coffee shop, McD, Library, mall, 1 ip each; and they all change next month
my house 4ip; 1 fixed and 3 change next month every month
phone: driving, 5 different ip during the session,

Edited by almostbob
Member Avatar for matrixdevuk

You'd be better off storing it as a cookie, rather than tracking IP's for the reasons above ^^.

Also, as @cereal said; recaptcha is nice... give NoCaptcha a try too. Or even, give my custom captcha script a try!
https://github.com/matrixdevuk/SweatyCaptcha

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.